ot security

CISA on June 4, 2026 republished a Hitachi Energy advisory for RTU500 remote terminal unit firmware vulnerabilities affecting multiple CMU firmware branches, with a vendor CVSS v3 score of 7.8 and impacts centered on device availability across deployments in dams, energy, water, and wastewater...

CISA, the FBI, NSA, DOE, EPA, TSA, DOT, USDA, and partner agencies have warned U.S. operators that malicious actors are targeting internet-exposed automatic tank gauge systems used to monitor fuel and liquid storage tanks across critical infrastructure sectors. The practical message is blunt: if...

CISA on May 21, 2026 republished ABB’s advisory for three medium-severity flaws in B&R Automation Runtime’s System Diagnostics Manager, affecting Automation Runtime versions before 6.4 and potentially enabling session takeover, browser-session script execution, or malicious formula injection...

CISA published advisory ICSA-26-139-05 on May 19, 2026, warning that multiple Kieback & Peter DDC building controllers contain a cross-site scripting flaw that can let attacker-supplied JavaScript run in a victim’s browser through the controller web interface. The bug is not a cinematic “take...

CISA republished Siemens ProductCERT advisory SSA-786884 on May 14, 2026, warning that many Siemens SIPROTEC 5 protection devices generate insufficiently random session identifiers, creating a network-exploitable session hijacking risk tracked as CVE-2024-54017 and affecting deployments...

Siemens and CISA disclosed on May 12 and May 14, 2026, respectively, that Ruggedcom ROX devices before version 2.17.1 contain CVE-2025-40948, an authenticated remote file-read vulnerability in the web server’s JSON-RPC interface affecting multiple MX5000, RX1400, RX1500, RX1510, RX1524, RX1536...

Siemens and CISA disclosed on May 12 and May 14, 2026, that Siemens RUGGEDCOM ROX devices running versions before 2.17.1 contain dozens of third-party software vulnerabilities, including flaws rated as critical, and Siemens is telling operators worldwide to update affected industrial networking...

Industrial Edge Management has an authorization bypass vulnerability that can let an unauthenticated remote attacker slip past authentication and reach connected Industrial Edge Devices through the remote connection feature. Siemens has already issued fixed versions for the affected branches...

Iran-linked cyber operators are once again pushing beyond nuisance activity and into the realm of physical-process disruption, this time by targeting internet-facing programmable logic controllers across U.S. critical infrastructure. The new CISA advisory, issued on April 7, 2026, says the...

Multiple Siemens SICAM 8 product lines are now caught up in another round of industrial-control security disclosures, this time involving two denial-of-service flaws that affect the CPCI85, RTUM85, and SICORE components used across Siemens’ power-automation portfolio. Siemens says fixes are...

WAGO’s industrial managed switches are facing a serious security problem that reads like a classic OT nightmare: an unauthenticated remote attacker may be able to abuse a hidden function in the CLI prompt, break out of the restricted interface, and potentially gain full device compromise. The...

Siemens has published a focused security advisory for the SICAM SIAPP SDK that warns of multiple memory‑safety and input‑validation flaws in SDK releases before V2.1.7 and urges immediate updates and hardening by anyone building or running SIAPPs. The defects — which Siemens characterizes as an...

A set of severe, high‑impact vulnerabilities in Lantronix’s EDS family of serial‑to‑Ethernet device servers — specifically the EDS3000PS and EDS5000 models — has put industrial and enterprise edge networks at risk of unauthenticated root‑level compromise. The U.S. Cybersecurity and...

Mitsubishi Electric has disclosed a cluster of high‑impact denial‑of‑service vulnerabilities affecting the MELSEC iQ‑F Series EtherNet/IP and Ethernet modules that, if left unmitigated, can be weaponized by a remote attacker to render communications unavailable and force a device reset — with...

Hitachi Energy's RTU500 family is the subject of a fresh set of security advisories that enumerate multiple firmware-level flaws capable of leaking low-value user management data and causing device outages — vulnerabilities operators must treat as urgent because the affected components sit at...

Nexcom’s latest Embedded World showcase is a clear signal that industrial PC vendors are doubling down on fanless reliability, local AI capability, and ruggedized edge platforms — the company has unveiled the APPC C21‑01 fanless panel PC family for factory HMIs, a Jetson‑powered robotics...

Johnson Controls’ Frick Controls Quantum HD family has been pushed into the center of a new industrial‑control security storm after a coordinated advisory flagged a cluster of high‑severity remote vulnerabilities that — if chained or exploited at scale — could let unauthenticated attackers run...

Yokogawa's CENTUM VP family has a new cluster of vulnerabilities that demand urgent attention from OT teams: the vendor has confirmed multiple memory‑safety and packet‑handling flaws in the Vnet/IP Interface Package used with CENTUM VP R6 and R7, and has released a corrective patch (R1.08.00)...

Schneider Electric has published an urgent security notice for EcoStruxure Building Operation (EBO) after researchers disclosed two high‑impact vulnerabilities—CVE‑2026‑1226 and CVE‑2026‑1227—that can be triggered by crafted TGML graphics files and may allow local file disclosure...

Microsoft’s DTECH 2026 messaging is blunt: the utility sector is past the era of proof‑of‑concepts and into a phase where AI, unified IT/OT data, and partner-driven architectures must deliver repeatable operational outcomes — not pilots. Across the show floor and Microsoft‑led sessions, the...